**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**
This week Infocyte announced $5.2 million in Series B funding, bringing total investment to $8.6 million, and named Curtis Hutcheson its CEO. Hutcheson previously was GM for Dell Security Software.
The Infocyte HUNT service scans servers and endpoints, on demand or on a set schedule, looking for signs of compromise. In an interview, Hutcheson and Infocyte co-founder Chris Gerritz stressed the uniqueness of the service and the value that partners bring to the program.
“We wish we found more completely clean networks,” said Hutcheson. In their experience, about 48 percent of the time, the system uncovers evidence of a successful attack. In cases where no issues are found, partners can give the customer a clean bill of health.
The difference between HUNT and a penetration test, says Gerritz, is that pen-test reports consistently come back with vulnerabilities.
“But no one was asking the question, ‘Did anybody use one of the vulnerabilities?'” he said. An attacker might have been lurking on the network for six or 12 months, stealing data. That dwell time, which averages six months, is what’s given rise to the use of threat hunting technology in high-value targets, such as the military and top-tier financial institutions, says Gerritz. Since HUNT is delivered as a service, it’s accessible to midsize enterprises.
“The heritage of this company is around an Air Force team that was dealing with this before the modern enterprise really was,” said Hutcheson. “Three ex-Air Force folks have built this company on the highest level of integrity. You know when you partner with Infocyte that we’re going to deliver on what we say, and we’re going to help that partner always have credibility.”
Gerritz, one of those veterans, is a retired U.S. Air Force cyber-operations expert.
“Compromise assessments are a fairly new offering,” said Gerritz. “When we started the company, only very large service providers had offerings, and they were very expensive, $250,000-plus. We’re able to enable even small service providers that maybe have five people in their shops to deliver this service.”
He says companies that can recover within a day of a breach can reduce the cleanup cost by 99 percent.
Speaking of cost, Hutcheson says the product is very complementary to customers’ existing security investments and that the technology integrates with SIEM and security analytics platforms. As to competitors, Gerritz cites other methods for spotting intruders, such as deception technology built around honeypots. In contrast, HUNT looks for signs of post-compromise activity, such as code left in volatile memory, forensic artifacts or changes to the operating system. The product can simultaneously scan thousands of Windows and Linux endpoints, on premises or in the cloud. The HUNT scanner software is installed on a Windows server and delivered with existing endpoint-management tools. A rundown of the process is here. Gerritz says the company is working to make the product …